<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" 
          "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta charset="utf-8">
<title>QUnit 'ecdsamod.js' test</title>
<script type="text/javascript" src="jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="qunit.js"></script>
<link rel="stylesheet" href="qunit.css" type="text/css" media="screen" />
<!-- crypto-js, yahoo -->
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/core.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/sha256.js"></script>
<script src="http://yui.yahooapis.com/2.9.0/build/yahoo/yahoo-min.js"></script>
<!-- tom wo's -->
<script src="../ext/jsbn.js"></script>
<script src="../ext/jsbn2.js"></script>
<script src="../ext/prng4.js"></script>
<script src="../ext/rng.js"></script>
<script src="../ext/ec.js"></script>
<!-- bitcoin -->
<script src="../ext/ec-patch.js"></script>
<!-- kjur -->
<script src="../asn1hex-1.1.js"></script>
<script src="../asn1-1.0.js"></script>
<script src="../crypto-1.1.js"></script>
<script src="../ecdsa-modified-1.0.js"></script>
<script src="../ecparam-1.0.js"></script>

<script type="text/javascript">
$(document).ready(function(){

var hashAAA256Hex = KJUR.crypto.Util.sha256("aaa"); // SHA256 hash value of string "aaa"
var hashAAB256Hex = KJUR.crypto.Util.sha256("aab"); // SHA256 hash value of string "aab"

test("default(secp256r1) sign and verify aaa", function() {
  // signing a message
  var prv = "11b5737cf9d93f17c0cb1a84655d3995a02824097effa5edd8ee26381eb5d6c3";
  var ec1 = new KJUR.crypto.ECDSA({'prv': prv});
  var sigHex = ec1.signWithMessageHash(hashAAA256Hex);

  // signature validation
  var pub = "04a01532a3c0900053de60fbefefcca58793301598d308b41e6f4e364e388c2711bef432c599148c94143d4ff46c2cb73e3e6a41d7eef23c047ea11e60667de425";
  var ec2 = new KJUR.crypto.ECDSA({'pub': pub});
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

test("secp192k1 sign and verify aaa", function() {
  // signing a message
  var prv = "5e83d67ee4592c673eab19d3db98d541f15e2145188b81ca";
  var ec1 = new KJUR.crypto.ECDSA({'curve': 'secp192k1', 'prv': prv});
  var sigHex = ec1.signWithMessageHash(hashAAA256Hex);

  // signature validation
  var pub = "04874ca64f193b1080847bf3950366ed6bc05c884185574e21ac17dbd2e63a93d9bfff14a8e251da592bc4677de25458c0";
  var ec2 = new KJUR.crypto.ECDSA({'curve': 'secp192k1', 'pub': pub});
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

test("default(secp256r1) sign and verify aaa<>aab", function() {
  // signing a message
  var prv = "11b5737cf9d93f17c0cb1a84655d3995a02824097effa5edd8ee26381eb5d6c3";
  var ec1 = new KJUR.crypto.ECDSA({'prv': prv});
  var sigHex = ec1.signWithMessageHash(hashAAA256Hex);

  // signature validation
  var pub = "04a01532a3c0900053de60fbefefcca58793301598d308b41e6f4e364e388c2711bef432c599148c94143d4ff46c2cb73e3e6a41d7eef23c047ea11e60667de425";
  var ec2 = new KJUR.crypto.ECDSA({'pub': pub});
  var result2 = ec2.verifyWithMessageHash(hashAAB256Hex, sigHex);
  equal(result2, false, "ecdsa sign");
});

test("k1.sig.aaa.1 secp256r1 sha256", function() {
  // signature validation
  var pub = "04a01532a3c0900053de60fbefefcca58793301598d308b41e6f4e364e388c2711bef432c599148c94143d4ff46c2cb73e3e6a41d7eef23c047ea11e60667de425"; // k1.pub.pem
  var ec2 = new KJUR.crypto.ECDSA({'pub': pub});
  var sigHex = "3045022100f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b0220051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8"; // k1.sig.aaa.1
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

test("k1.sig.aaa.2 secp256r1 sha256", function() {
  // signature validation
  var pub = "04a01532a3c0900053de60fbefefcca58793301598d308b41e6f4e364e388c2711bef432c599148c94143d4ff46c2cb73e3e6a41d7eef23c047ea11e60667de425"; // k1.pub.pem
  var ec2 = new KJUR.crypto.ECDSA({curve: 'secp256r1', 'pub': pub});
  var sigHex = "304502202241c432b03179b65f63ac66ed9273531a7f5c00feab5e55a7921c81a8f74275022100a51a260c76a33718e77b0459b239cc709209a7da7ba9a7311059413546598ec0"; // k1.sig.aaa.2
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

test("KNOWN ISSUE: k2.sig.aaa.1 secp192k1 sha256", function() {
  // signature validation
  var pub = "04874ca64f193b1080847bf3950366ed6bc05c884185574e21ac17dbd2e63a93d9bfff14a8e251da592bc4677de25458c0"; // k2.pub.pem
  var ec2 = new KJUR.crypto.ECDSA({"curve": "secp192k1", "pub": pub});
  var sigHex = "3036021900e3503fd1f491de61f8bf9cb2777f0f203bb28c27f0a5cff9021900e789fc4af8c382ff2cfc97a94f562be1b56841693334e20b"; // k2.sig.aaa.1
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

test("KNOWN ISSUE: k3.sig.aaa.1 secp224r1 sha256", function() {
  // signature validation
  var pub = "04e34009a6c4dc3ddb0d39e1abac085cd4705e1d39a526d4843398432a093af22eb42891390266eb192cb9221725cd44d0c211317afb97349d"; // k3.pub.pem
  var ec2 = new KJUR.crypto.ECDSA({"curve": "secp224r1", "pub": pub});
  var sigHex = "303e021d00e68ea9a165c343432f91df99136f66a3f5f2958a9644b6101880bf40021d008eb7cab62691b6998cbe78b0c5f21a28a84d83a8fda6bf7a69d85363"; // k3.sig.aaa.1
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

test("k4.sig.aaa.1 secp256k1 sha256", function() {
  // signature validation
  var pub = "0422353f380062b2bde67712091386faa369ec5ef1a244d06c459fe3de1fb0a5d8ad23a3878be75e375546f14ca6e42755fee04bd78c0343ac8038f5a218e1fbc5"; // k4.pub.pem
  var ec2 = new KJUR.crypto.ECDSA({"curve": "secp256k1", "pub": pub});
  var sigHex = "30450220350cc4ac81e68fce3cd134ab1cf4ae0e853a297be0f5f0508b0abc3681ba3364022100a601afe06571a95554f722f4fd0114a3335e9e3c155b390aba53dffbb3eedfec"; // k4.sig.aaa.1
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

test("KNOWN ISSUE: k5.sig.aaa.1 secp521r1 sha256", function() {
  // signature validation
  var pub = "0400d29a52344c35119ff5bea19ae090f802d05ff9ea31adcc31524d012875ea791344b02af06b58de3c3d26f1ba413d25d5cf9b6b287b5c9cf410bf2a6ea7ad02619d00de221502a15480f064d9d04c0bd40713e587ca72fc3009d338947454d63617b62e08a42fe9820153dcdf88445992e8cf204d8cefc4264c0d49d81e298307ed698f"; // k5.pub.der
  var ec2 = new KJUR.crypto.ECDSA({"curve": "secp521r1", "pub": pub});
  var sigHex = "3081880242014ee923bd994ea00f7f20a6d7634a718b38e485ca9ebf0e2a794151fcba86cde56ef22c488245a05e8f158fedb8bfe775d039e3e6663fa104de732116a788627f5d0242010420e96c6ae4c2630575213f33bfc1e7795be6dd4a35ac69250c5a9f65ec62f6a3f5fe4ac66c8c1471afdeb3f0784e2645f0f606859761d4930c39fd8ba11ca4e0"; // k5.sig.aaa.1
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

test("k6.sig.aaa.1 secp384r1 sha256", function() {
  // signature validation
  var pub = "04543526abdfc47394a3f2645b0d48651a9f3a4d46d8740be322915107f050250c730ca40b37e1dc85e082b4bb181b8847bd6d0fa278bae5eb1c05474c9a4e2beec28c970be49c1949f09e96979a277a514830e32a5b9de1ec68ab99f492dd300a";
  var ec2 = new KJUR.crypto.ECDSA({"curve": "secp384r1", "pub": pub});
  var sigHex = "306502303725858ae53a59a71b0d48553d5c3b0d450a4a76c1da2fd5b508cdb598607a418d7bc622006afe0655e894c2ac6b2b03023100dfffc7d84c02d0e3625a19c9305a1a8caa01fab7da4c4f847086774d5a9205f3de2fe041c76aca429c0229d3c74769b0"; // k6.sig.aaa.1
  var result2 = ec2.verifyWithMessageHash(hashAAA256Hex, sigHex);
  equal(result2, true, "ecdsa sign");
});

// === ECC KEY GENERATION ===============================================================
test("generate ECC key for secp256r1 curve", function() {
  var ec = new KJUR.crypto.ECDSA({"curve": "secp256r1"});
  var keypair = ec.generateKeyPairHex();
  
  expect(2);
  equal(keypair['ecprvhex'].length, 256 / 4, "private key hexstr length");
  equal(keypair['ecpubhex'].length, (256 / 4) * 2 + 2, "public key hexstr length");
});

test("generate ECC key for secp384r1 curve", function() {
  var ec = new KJUR.crypto.ECDSA({"curve": "secp384r1"});
  var keypair = ec.generateKeyPairHex();

  expect(2);
  equal(keypair['ecprvhex'].length, 384 / 4, "private key hexstr length");
  equal(keypair['ecpubhex'].length, (384 / 4) * 2 + 2, "public key hexstr length");
});

test("key generation, signing and verification for secp256r1 curve", function() {
  // key generation
  var ec0 = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
  var keypair = ec0.generateKeyPairHex();

  // signing
  var ec1 = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
  var sigHex = ec1.signHex(hashAAA256Hex, keypair.ecprvhex);

  // signature validation
  var ec2 = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
  var result2 = ec2.verifyHex(hashAAA256Hex, sigHex, keypair.ecpubhex);
  equal(result2, true, "ecdsa sign");
});

});
</script>
  
</head>
<body>
<div id="qunit"></div>
<div id="qunit-fixture">test markup</div>

<b>NOTE:</b>
<p>
Currently this library works for only secp256r1, secp256k1 and secp384r1 EC curves
besides some other curves are pre-defined.
</p>

<p>
ECC related QUnit test pages: 
<a href="qunit-do-crypto.html">crypto.js</a> | 
<a href="qunit-do-crypto-ecdsa.html">crypto.js Signature class for ECDSA</a> | 
<a href="qunit-do-ecdsamod.html">ecdsa-modified.js</a> | 
<a href="qunit-do-ecparam.html">ecparam.js</a> | 
</p>

</body>
</html>
